So how 'bout those Mets?

[Taqwus]

If he modified gem inventories to do stuff with it, then the game presumably isn't too fanatical about checking this, or the server itself was somehow compromised or worked-around.


It occurs to me that their shouldn't be that much looping. That is --

Gems left in the treasury were computed from the previous turn.

Gem income from sites, gifts, events and enchantments was computed from the previous turn.

Outside of diplomatic means (handled by the messaging system) there is no in-game way to turn anything that's not a gem into a gem, or for 1 gem to turn into more than 1 within a turn. Within a turn but before processing, then, total gems should be strictly nonincreasing. It also should not matter at what point gem alchemy was done, because you can't get more in-turn except by alchemy and because the ratio is fixed. That is, if alchemy was done at any point in the turn, it must have been legal with identical results and with the gems available at the beginning of the turn.
Then there aren't that many numbers to juggle (six types of gems turning into pearls, pearls turning into six types of gems, fire and earth gems turning into money -- which can be done after all other alchemy checks because that's a one-way street and can't make other alchemy operations possible if they weren't already).

Forging has a bit of bookkeeping; the game would need to check that the number of forges done using hammers does not exceed the number of hammers available from the end of the previous turn, and that the forgers had the necessary item slots in addition to skills.

Then, once alchemy is completed, gold becomes a one-way-street; you can get gold from alchemy, but you can't easily turn anything else (people, buildings, units) into gold that you can use that very same turn. You can pillage or hike tax rates, but you don't see the gold until next turn, so it'd be illegal to spend it or put it in the treasury until the appropriate time in turn computation.

Exception: You can get a refund of gold by clearing a recruitment queue that was non-empty after the previous turn. Whether or not you can clear a queue, however, is not affected by other in-turn actions, and the maximum you can get should be based on the Last turn since even if you increase the refund by adding units you have an equally large debit incurred during the addition.

And so forth. I don't think there's much room for bizarre circular operations (actually profitable alchemy, say; e.g. a _MoM_ player with Alchemy, Runemaster and obscene casting skill forging and breaking small items during a turn for pure profit) or anything else that would be unusually difficult to serialize.

[Gandalf Parker]

Quote:

If he modified gem inventories to do stuff with it, then the game presumably isn't too fanatical about checking this, or the server itself was somehow compromised or worked-around.

No it was the turn file itself. As near as can be figured the .trn had a gem number, the gems were added, and then they were "money laundered" into other things before returning the .2h to the server. There were checks but even the checks that were put into the game caused complaints from players when they reported "cheats" which werent really cheating players. That may have slowed down adding additional checks.

[nakomus]

The methods of cheating discussed in this forum (with the exception of Taqwus) seem to focus on alteration of *data* files of the game in question, in two forms:

1. The machine on which the game was hosted was compromised and the fatherland file was edited to change game state. Than the modified, but structurally valid fatherland file was used the hosting Dominions 2 system generate the next turn

2. Either trn or 2h files were modified such that an illegal (but structurally valid) 2h file was returned to the server, which failed to detect the inconsistency in the game state.

Both of these methods assume that the hosting installation of Dominions was operating correctly on the input it was given (although it may be insufficiently paranoid).

If 1) is the true scenario than this clearly need not be the case, the attack would have had access to the executable, configuration information, and runtime state during hosting.

Even if the attacker does not have root access on the hosting server, there is the possibility of a remote exploit in Dominions, either through structurally invalid 2H files or attacks through the network connection.
In short, it may be that the server was coerced to generate invalid turn files, rather than failing to detect subtle modification of an otherwise valid input.

I won’t speculate further as to how this could be carried out.

Of course, the devs may have reason to rule these sorts of attacks out.

[Anglachel]

OMG! I have figured it out! Stormbinder and Norfleet are the same person! You all fell for it suckers!!!!

[jarenko]

Is this thread about baseball?

[Cheezeninja]

No this thread got started after a particularly ugly thread about cheating by a very prominent member of the forum got locked. The title is a sentence commonly used in the USA as a way to change the subject when the current subject is uncomfortable or for some reason taboo.